Re: squid and cable ISP's

Federico Figueroa C. wrote:

> I'm setting a cable ISP for one way cable modems and I'll like to
> know if there's a way to tell squid to answer the requests using another
> interface. I mean, using only one computer as proxy, with two interfaces,
> one into the Internet and the other to the cable data transmiter, so the
> client make the request using the dial-up to Internet from any ISP with
> dynamic IPs, then squid grabs the web page or file from the Internet using
> the same interface, and then send it to the data transmiter so the user
> can get his web page from the cable modem.

This is more a routing and networking issue than a Squid issue. What you
want is asymmetric routing to have return traffic to the clients routed
from the proxy down the cable to the client.

There are two possible approaches:
a) The requests is sent using the IP of the cable modem. This requires a
small proxy (preferably a SOCKS server) to be installed on the client
computer as none of the browsers allows configuring what IP to use when
making requests. It also requires that there is no anti-spoofing filters
installed at the dialup-ISP or it's partners.

b) Clients use a proxy server at you (the cable ISP). Problem is then
that all requests must travel thru the internet to your proxy and then
back out on the internet.

(a) is quite trivial, and I wont go into details.

(b) is a bit more complex, and the details depends a lot on how your
cable routing equipment operate, and I'll elaborate a bit on this:

One thing needed for any type of equipment is some means of making an
assosiation between the dialup IP and the cable modem IP. The easiest
approach is probably by using proxy authorization to identify the cable
modem user at the proxy, then you have a "cable" loginname and a dialup
IP. The "cable" login name should allow you to find the cable IP by some
means specific to your environment (most likely a table lookup).

Next step would be to find means of routing the dialup IP from the proxy
down the cable to the cable modem. The most generic approach would be IP
tunneling (using GRE or similar), but if your cable is fully broadcast
then you could do it with direct host routes without GRE.

If you can figure out a way of tearing up and down the routing of the
remote dialup IP down the cable by calling a small program on the host
where Squid runs, and a way to find the cable modem IP from a username,
then the other part is trivial (may require some minimal changes to
Squid code, but it is trivial)

--
Henrik Nordstrom
Spare time Squid hacker